Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211301.roa
File: AS211301.roa (raw, json)
Hash identifier: nKJuiieFEI1hEo2ZW2ogn/oy83XEfWmt7hkUD298HnM=
Subject key identifier: 52:3C:92:08:45:B1:1C:C0:CA:3D:D5:A0:46:9D:F3:0A:07:78:19:A2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7CDF6A22CA0301C3E9A0E9AE26C4D37EE9BC539E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211301.roa
Signing time: Fri 29 Nov 2024 08:17:57 +0000
ROA not before: Fri 29 Nov 2024 08:12:57 +0000
ROA not after: Fri 28 Nov 2025 08:17:57 +0000
asID: 211301
IP address blocks: 179.61.138.0/24 maxlen: 24
179.61.221.0/24 maxlen: 24
179.61.251.0/24 maxlen: 24
179.61.253.0/24 maxlen: 24
181.214.99.0/24 maxlen: 24
181.214.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:df:6a:22:ca:03:01:c3:e9:a0:e9:ae:26:c4:d3:7e:e9:bc:53:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 29 08:12:57 2024 GMT
Not After : Nov 28 08:17:57 2025 GMT
Subject: CN=523C920845B11CC0CA3DD5A0469DF30A077819A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:35:53:0d:0e:b2:9b:70:27:6d:3e:1b:2a:dc:
09:14:dd:f0:88:4a:e4:21:fb:c8:f6:f4:f0:7a:be:
79:3d:86:ca:99:39:83:f0:84:7f:d5:05:0e:51:11:
9b:ad:8f:2a:ba:72:10:34:c4:d6:c4:0a:36:0b:48:
0b:0f:62:73:87:52:8f:6b:9c:ea:01:a2:3d:2b:ea:
8e:34:f9:02:12:bc:a1:b0:8b:d7:c9:db:e3:bf:bd:
88:f3:6c:a9:48:24:cf:c0:7e:6e:93:54:bf:a2:bc:
0b:f9:50:95:fd:a2:df:5b:ea:fe:76:12:f2:d9:e1:
71:a5:9c:26:53:58:b7:11:3c:ae:a6:19:22:89:9e:
e9:fa:1b:78:cc:b1:8d:6f:fd:ee:43:d6:45:c4:93:
f0:53:1f:58:ea:5e:b4:a4:75:f2:23:c2:65:c8:1c:
2c:4c:ab:48:6d:1d:58:92:20:f3:b4:e7:1f:86:d7:
07:a4:85:54:ec:83:67:0b:28:fb:54:68:aa:89:8e:
98:29:98:92:c1:19:bc:7d:8f:5c:64:51:61:d2:4f:
2b:9e:4e:6d:8d:c1:bd:e5:6f:d5:68:61:d5:53:34:
60:e7:6c:53:bb:f5:5b:48:3b:ad:a6:f3:f3:4f:ff:
b7:f3:71:6d:0c:51:76:e2:fb:dd:e0:0c:60:96:eb:
f7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3C:92:08:45:B1:1C:C0:CA:3D:D5:A0:46:9D:F3:0A:07:78:19:A2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211301.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.138.0/24
179.61.221.0/24
179.61.251.0/24
179.61.253.0/24
181.214.99.0/24
181.214.231.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:8f:42:be:d1:f7:73:58:c1:8e:b0:c5:40:b2:3d:cf:43:6a:
48:1a:c9:fd:a7:20:e2:13:78:e2:47:49:80:a8:0e:5f:89:fe:
d5:64:a4:c5:88:a3:d9:4c:69:40:0d:03:4b:22:0a:7a:86:fd:
30:66:71:16:91:c1:40:2c:a4:55:44:65:c5:c2:e0:06:61:c6:
a1:bd:ff:9c:54:ba:15:30:18:b7:33:86:03:ce:98:e2:33:e3:
8e:82:ad:94:71:4c:b7:d6:57:62:23:14:43:e3:34:1b:4a:a5:
5e:c3:ed:b3:b0:48:af:37:8d:5b:7c:d3:03:08:b5:af:01:9e:
88:7a:bd:7e:c3:a3:30:1c:da:57:cf:82:48:ef:4f:99:7c:ae:
45:98:e9:f4:94:6c:db:d0:a8:ca:b0:11:df:60:28:be:da:15:
90:46:e7:c2:79:1c:b3:37:99:2b:51:69:60:8d:2f:df:a5:81:
d3:be:3f:00:66:2f:bd:7c:5c:3f:a6:a0:3c:03:37:2e:08:af:
77:30:5f:3b:34:b3:75:59:83:3d:4a:27:2c:98:7f:5e:47:4d:
d9:df:cc:26:62:ec:0a:2c:fe:df:03:d7:37:80:b6:a7:4c:a6:
2b:ec:26:7b:d5:a7:94:9d:a9:c6:7c:2b:97:d0:41:c8:b5:e7:
55:31:86:9f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUfN9qIsoDAcPpoOmuJsTTfum8U54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMjkwODEyNTdaFw0yNTExMjgwODE3NTdaMDMxMTAvBgNV
BAMTKDUyM0M5MjA4NDVCMTFDQzBDQTNERDVBMDQ2OURGMzBBMDc3ODE5QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkNVMNDrKbcCdtPhsq3AkU3fCI
SuQh+8j29PB6vnk9hsqZOYPwhH/VBQ5REZutjyq6chA0xNbECjYLSAsPYnOHUo9r
nOoBoj0r6o40+QISvKGwi9fJ2+O/vYjzbKlIJM/Afm6TVL+ivAv5UJX9ot9b6v52
EvLZ4XGlnCZTWLcRPK6mGSKJnun6G3jMsY1v/e5D1kXEk/BTH1jqXrSkdfIjwmXI
HCxMq0htHViSIPO05x+G1wekhVTsg2cLKPtUaKqJjpgpmJLBGbx9j1xkUWHSTyue
Tm2Nwb3lb9VoYdVTNGDnbFO79VtIO62m8/NP/7fzcW0MUXbi+93gDGCW6/cJAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUUjySCEWxHMDKPdWgRp3zCgd4GaIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjExMzAxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsz2K
AwQAsz3dAwQAsz37AwQAsz39AwQAtdZjAwQAtdbnMA0GCSqGSIb3DQEBCwUAA4IB
AQC0j0K+0fdzWMGOsMVAsj3PQ2pIGsn9pyDiE3jiR0mAqA5fif7VZKTFiKPZTGlA
DQNLIgp6hv0wZnEWkcFALKRVRGXFwuAGYcahvf+cVLoVMBi3M4YDzpjiM+OOgq2U
cUy31ldiIxRD4zQbSqVew+2zsEivN41bfNMDCLWvAZ6Ier1+w6MwHNpXz4JI70+Z
fK5FmOn0lGzb0KjKsBHfYCi+2hWQRufCeRyzN5krUWlgjS/fpYHTvj8AZi+9fFw/
pqA8AzcuCK93MF87NLN1WYM9SicsmH9eR03Z38wmYuwKLP7fA9c3gLanTKYr7CZ7
1aeUnanGfCuX0EHItedVMYaf
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:20 2025 by rpki-client